Commit 0450c125 authored by Antonio Borneo's avatar Antonio Borneo Committed by David Woodhouse

Uniform coding style: space and tabs

This patch just play with space and tabs, so
	git diff -w
does not report anything.
Signed-off-by: default avatarAntonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
parent 4acd0089
......@@ -276,7 +276,7 @@ static char *xmlnode_msg(xmlNode *xml_node)
}
len = strlen(fmt) + 1;
params[0] = (char *)xmlGetProp(xml_node, (unsigned char *)"param1");
if (params[0])
len += strlen(params[0]);
......@@ -291,7 +291,7 @@ static char *xmlnode_msg(xmlNode *xml_node)
}
strcpy(result, fmt);
free (fmt);
free(fmt);
for (pct = strchr(result, '%'); pct;
(pct = strchr(pct, '%'))) {
......@@ -643,7 +643,7 @@ void free_auth_form(struct oc_auth_form *form)
struct oc_form_opt_select *sel = (void *)form->opts;
int i;
for (i=0; i < sel->nr_choices; i++) {
for (i = 0; i < sel->nr_choices; i++) {
free(sel->choices[i].name);
free(sel->choices[i].label);
free(sel->choices[i].auth_type);
......
......@@ -77,7 +77,7 @@ static int oc_vasprintf(char **strp, const char *fmt, va_list ap)
res = NULL;
goto err;
}
if (len >=0 && len < 160)
if (len >= 0 && len < 160)
goto out;
free(res);
......
......@@ -171,7 +171,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
vpninfo->vpn_domain = vpninfo->vpn_proxy_pac = NULL;
vpninfo->banner = NULL;
for (i=0; i<3; i++)
for (i = 0; i < 3; i++)
vpninfo->vpn_dns[i] = vpninfo->vpn_nbns[i] = NULL;
for (inc = vpninfo->split_includes; inc; ) {
......@@ -215,12 +215,12 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
buf_append(buf, sizeof(buf), "X-CSTP-Base-MTU: %d\r\n", base_mtu);
buf_append(buf, sizeof(buf), "X-CSTP-MTU: %d\r\n", mtu);
buf_append(buf, sizeof(buf), "X-CSTP-Address-Type: %s\r\n",
vpninfo->disable_ipv6?"IPv4":"IPv6,IPv4");
vpninfo->disable_ipv6 ? "IPv4" : "IPv6,IPv4");
buf_append(buf, sizeof(buf), "X-DTLS-Master-Secret: ");
for (i = 0; i < sizeof(vpninfo->dtls_secret); i++)
buf_append(buf, sizeof(buf), "%02X", vpninfo->dtls_secret[i]);
buf_append(buf, sizeof(buf), "\r\nX-DTLS-CipherSuite: %s\r\n\r\n",
vpninfo->dtls_ciphers?:"AES256-SHA:AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA");
vpninfo->dtls_ciphers ? : "AES256-SHA:AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA");
openconnect_SSL_write(vpninfo, buf, strlen(buf));
......@@ -715,7 +715,7 @@ int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout)
we should probably remove POLLIN from the events we're looking for,
and add POLLOUT. As it is, though, it'll just chew CPU time in that
fairly unlikely situation, until the write backlog clears. */
while ( (len = cstp_read(vpninfo, buf, sizeof(buf))) > 0) {
while ((len = cstp_read(vpninfo, buf, sizeof(buf))) > 0) {
int payload_len;
if (buf[0] != 'S' || buf[1] != 'T' ||
......@@ -734,7 +734,7 @@ int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout)
continue;
}
vpninfo->ssl_times.last_rx = time(NULL);
switch(buf[6]) {
switch (buf[6]) {
case AC_PKT_DPD_OUT:
vpn_progress(vpninfo, PRG_TRACE,
_("Got CSTP DPD request\n"));
......
......@@ -112,7 +112,7 @@ int RAND_bytes(char *buf, int len)
#ifdef HAVE_DTLS1_STOP_TIMER
/* OpenSSL doesn't deliberately export this, but we need it to
workaround a DTLS bug in versions < 1.0.0e */
extern void dtls1_stop_timer (SSL *);
extern void dtls1_stop_timer(SSL *);
#endif
#if !defined(NO_BROKEN_DTLS_CHECK) && (OPENSSL_VERSION_NUMBER == 0x10002000L || \
......@@ -265,7 +265,7 @@ int dtls_try_handshake(struct openconnect_info *vpninfo)
#if OPENSSL_VERSION_NUMBER >= 0x1000005fL
/* OpenSSL 1.0.0e or above doesn't resend anyway; do nothing.
However, if we were *built* against 1.0.0e or newer, but at
runtime we find that we are being run against an older
runtime we find that we are being run against an older
version, warn about it. */
if (SSLeay() < 0x1000005fL) {
vpn_progress(vpninfo, PRG_ERR,
......@@ -284,8 +284,8 @@ int dtls_try_handshake(struct openconnect_info *vpninfo)
* so do it manually. This version also works on all
* sane versions of OpenSSL:
*/
memset (&(vpninfo->dtls_ssl->d1->next_timeout), 0,
sizeof((vpninfo->dtls_ssl->d1->next_timeout)));
memset(&(vpninfo->dtls_ssl->d1->next_timeout), 0,
sizeof((vpninfo->dtls_ssl->d1->next_timeout)));
vpninfo->dtls_ssl->d1->timeout_duration = 1;
BIO_ctrl(SSL_get_rbio(vpninfo->dtls_ssl),
BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
......@@ -633,10 +633,10 @@ int setup_dtls(struct openconnect_info *vpninfo)
#if defined(OPENCONNECT_GNUTLS) && defined(DTLS_OPENSSL)
/* If we're using GnuTLS for authentication but OpenSSL for DTLS,
we'll need to initialise OpenSSL now... */
SSL_library_init ();
ERR_clear_error ();
SSL_load_error_strings ();
OpenSSL_add_all_algorithms ();
SSL_library_init();
ERR_clear_error();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
#endif
while (dtls_opt) {
......@@ -726,7 +726,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
vpninfo->dtls_times.last_rx = time(NULL);
switch(buf[0]) {
switch (buf[0]) {
case AC_PKT_DATA:
dtls_pkt->len = len - 1;
queue_packet(&vpninfo->incoming_queue, dtls_pkt);
......@@ -884,7 +884,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
}
#else /* !HAVE_DTLS */
#warning Your SSL library does not seem to support Cisco DTLS compatibility
int setup_dtls(struct openconnect_info *vpninfo)
int setup_dtls(struct openconnect_info *vpninfo)
{
vpn_progress(vpninfo, PRG_ERR,
_("Built against SSL library with no Cisco DTLS support\n"));
......
......@@ -88,7 +88,7 @@ int openconnect_SSL_write(struct openconnect_info *vpninfo, char *buf, size_t le
FD_ZERO(&wr_set);
FD_ZERO(&rd_set);
if (gnutls_record_get_direction(vpninfo->https_sess))
FD_SET(vpninfo->ssl_fd, &wr_set);
else
......@@ -125,7 +125,7 @@ int openconnect_SSL_read(struct openconnect_info *vpninfo, char *buf, size_t len
} else {
FD_ZERO(&wr_set);
FD_ZERO(&rd_set);
if (gnutls_record_get_direction(vpninfo->https_sess))
FD_SET(vpninfo->ssl_fd, &wr_set);
else
......@@ -180,10 +180,10 @@ int openconnect_SSL_gets(struct openconnect_info *vpninfo, char *buf, size_t len
} else {
fd_set rd_set, wr_set;
int maxfd = vpninfo->ssl_fd;
FD_ZERO(&rd_set);
FD_ZERO(&wr_set);
if (gnutls_record_get_direction(vpninfo->https_sess))
FD_SET(vpninfo->ssl_fd, &wr_set);
else
......@@ -434,7 +434,7 @@ static int count_x509_certificates(gnutls_datum_t *datum)
p += 11;
if (!strncmp(p, "CERTIFICATE", 11) ||
!strncmp(p, "X509 CERTIFICATE", 16))
count++;
count++;
}
return count;
}
......@@ -555,7 +555,7 @@ static int assign_privkey(struct openconnect_info *vpninfo,
if (!pcerts)
return GNUTLS_E_MEMORY_ERROR;
for (i=0 ; i < nr_certs; i++) {
for (i = 0 ; i < nr_certs; i++) {
err = gnutls_pcert_import_x509(pcerts + i, certs[i], 0);
if (err) {
vpn_progress(vpninfo, PRG_ERR,
......@@ -572,9 +572,9 @@ static int assign_privkey(struct openconnect_info *vpninfo,
_("Setting PKCS#11 certificate failed: %s\n"),
gnutls_strerror(err));
free_pcerts:
for (i=0 ; i < nr_certs; i++)
for (i = 0 ; i < nr_certs; i++)
gnutls_pcert_deinit(pcerts + i);
free (pcerts);
free(pcerts);
}
return err;
}
......@@ -668,7 +668,7 @@ static int import_openssl_pem(struct openconnect_info *vpninfo,
else if (type == 'R')
begin = "RSA PRIVATE KEY";
else if (type == 'D')
begin = "DSA PRIVATE KEY";
begin = "DSA PRIVATE KEY";
else
return -EINVAL;
......@@ -1123,10 +1123,10 @@ static int load_certificate(struct openconnect_info *vpninfo)
s = sizeof(token->model) + 1;
if (!gnutls_pkcs11_obj_get_info(crt, GNUTLS_PKCS11_OBJ_TOKEN_MODEL,
buf, &s)) {
s--;
memcpy(token->model, buf, s);
memset(token->model + s, ' ',
sizeof(token->model) - s);
s--;
memcpy(token->model, buf, s);
memset(token->model + s, ' ',
sizeof(token->model) - s);
}
}
if (!token->serialNumber[0]) {
......@@ -1322,11 +1322,11 @@ static int load_certificate(struct openconnect_info *vpninfo)
goto out;
}
/* If extra_certs[] is NULL, we have one candidate in 'cert' to check. */
for (i = 0; i < (extra_certs?nr_extra_certs:1); i++) {
for (i = 0; i < (extra_certs ? nr_extra_certs : 1); i++) {
unsigned char cert_id[20];
size_t cert_id_size = sizeof(cert_id);
err = gnutls_x509_crt_get_key_id(extra_certs?extra_certs[i]:cert, 0, cert_id, &cert_id_size);
err = gnutls_x509_crt_get_key_id(extra_certs ? extra_certs[i] : cert, 0, cert_id, &cert_id_size);
if (err)
continue;
......@@ -1369,11 +1369,11 @@ static int load_certificate(struct openconnect_info *vpninfo)
}
/* If extra_certs[] is NULL, we have one candidate in 'cert' to check. */
for (i=0; i < (extra_certs?nr_extra_certs:1); i++) {
for (i = 0; i < (extra_certs ? nr_extra_certs : 1); i++) {
gnutls_pubkey_t pubkey;
gnutls_pubkey_init(&pubkey);
err = gnutls_pubkey_import_x509(pubkey, extra_certs?extra_certs[i]:cert, 0);
err = gnutls_pubkey_import_x509(pubkey, extra_certs ? extra_certs[i] : cert, 0);
if (err) {
vpn_progress(vpninfo, PRG_ERR,
_("Error validating signature against certificate: %s\n"),
......@@ -1461,7 +1461,7 @@ static int load_certificate(struct openconnect_info *vpninfo)
err = gnutls_certificate_get_issuer(vpninfo->https_cred,
last_cert, &issuer, 0);
if (err)
break;
break;
/* The check_issuer_sanity() function works fine as a workaround where
it was used above, but when gnutls_certificate_get_issuer() returns
......@@ -1597,7 +1597,7 @@ static int get_cert_fingerprint(struct openconnect_info *vpninfo,
if (gnutls_x509_crt_get_fingerprint(cert, algo, md, &md_size))
return -EIO;
for (i=0; i < md_size; i++)
for (i = 0; i < md_size; i++)
sprintf(&buf[i*2], "%02X", md[i]);
return 0;
......@@ -1623,11 +1623,11 @@ char *openconnect_get_cert_details(struct openconnect_info *vpninfo,
if (gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &buf))
return NULL;
/* Just in case gnutls_free() isn't free(), we can't steal it. */
ret = strdup((char *)buf.data);
gnutls_free(buf.data);
return ret;
}
......@@ -1637,7 +1637,7 @@ int openconnect_get_cert_DER(struct openconnect_info *vpninfo,
size_t l = 0;
unsigned char *ret = NULL;
if (gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, ret, &l) !=
if (gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, ret, &l) !=
GNUTLS_E_SHORT_MEMORY_BUFFER)
return -EIO;
......@@ -1647,7 +1647,7 @@ int openconnect_get_cert_DER(struct openconnect_info *vpninfo,
if (gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, ret, &l)) {
free(ret);
return -EIO;
return -EIO;
}
*buf = ret;
return l;
......@@ -1667,7 +1667,7 @@ static int verify_peer(gnutls_session_t session)
vpninfo->peer_cert = NULL;
}
cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
cert_list = gnutls_certificate_get_peers(session, &cert_list_size);
if (!cert_list) {
vpn_progress(vpninfo, PRG_ERR, _("Server presented no certificate\n"));
return GNUTLS_E_CERTIFICATE_ERROR;
......@@ -1677,14 +1677,14 @@ static int verify_peer(gnutls_session_t session)
unsigned char sha1bin[SHA1_SIZE];
char fingerprint[(SHA1_SIZE * 2) + 1];
int i;
err = openconnect_sha1(sha1bin, cert_list[0].data, cert_list[0].size);
if (err) {
vpn_progress(vpninfo, PRG_ERR,
_("Could not calculate SHA1 of server's certificate\n"));
return GNUTLS_E_CERTIFICATE_ERROR;
}
for (i=0; i < SHA1_SIZE; i++)
for (i = 0; i < SHA1_SIZE; i++)
sprintf(&fingerprint[i*2], "%02X", sha1bin[i]);
if (strcasecmp(vpninfo->servercert, fingerprint)) {
......@@ -1695,7 +1695,7 @@ static int verify_peer(gnutls_session_t session)
return 0;
}
err = gnutls_certificate_verify_peers2 (session, &status);
err = gnutls_certificate_verify_peers2(session, &status);
if (err) {
vpn_progress(vpninfo, PRG_ERR, _("Error checking server cert status\n"));
return GNUTLS_E_CERTIFICATE_ERROR;
......@@ -1773,8 +1773,8 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
DEFAULT_SYSTEM_CAFILE,
GNUTLS_X509_FMT_PEM);
#endif
gnutls_certificate_set_verify_function (vpninfo->https_cred,
verify_peer);
gnutls_certificate_set_verify_function(vpninfo->https_cred,
verify_peer);
#ifdef ANDROID_KEYSTORE
if (vpninfo->cafile && !strncmp(vpninfo->cafile, "keystore:", 9)) {
......@@ -1855,20 +1855,20 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
}
}
}
gnutls_init (&vpninfo->https_sess, GNUTLS_CLIENT);
gnutls_session_set_ptr (vpninfo->https_sess, (void *) vpninfo);
gnutls_init(&vpninfo->https_sess, GNUTLS_CLIENT);
gnutls_session_set_ptr(vpninfo->https_sess, (void *) vpninfo);
#if defined(HAVE_TROUSERS) && !defined(HAVE_GNUTLS_CERTIFICATE_SET_KEY)
if (vpninfo->my_pkey == OPENCONNECT_TPM_PKEY)
gnutls_sign_callback_set(vpninfo->https_sess, gtls2_tpm_sign_cb, vpninfo);
#endif
err = gnutls_priority_set_direct (vpninfo->https_sess,
"NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:"
err = gnutls_priority_set_direct(vpninfo->https_sess,
"NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:"
#if GNUTLS_VERSION_MAJOR >= 3
"-CURVE-ALL:"
"-CURVE-ALL:"
#endif
"%COMPAT:%DISABLE_SAFE_RENEGOTIATION:%LATEST_RECORD_VERSION",
NULL);
"%COMPAT:%DISABLE_SAFE_RENEGOTIATION:%LATEST_RECORD_VERSION",
NULL);
if (err) {
vpn_progress(vpninfo, PRG_ERR,
_("Failed to set TLS priority string: %s\n"),
......@@ -1879,14 +1879,14 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
return -EIO;
}
gnutls_record_disable_padding (vpninfo->https_sess);
gnutls_credentials_set (vpninfo->https_sess, GNUTLS_CRD_CERTIFICATE, vpninfo->https_cred);
gnutls_record_disable_padding(vpninfo->https_sess);
gnutls_credentials_set(vpninfo->https_sess, GNUTLS_CRD_CERTIFICATE, vpninfo->https_cred);
gnutls_transport_set_ptr(vpninfo->https_sess, /* really? */(gnutls_transport_ptr_t)(long) ssl_sock);
vpn_progress(vpninfo, PRG_INFO, _("SSL negotiation with %s\n"),
vpninfo->hostname);
while ((err = gnutls_handshake (vpninfo->https_sess))) {
while ((err = gnutls_handshake(vpninfo->https_sess))) {
if (err == GNUTLS_E_AGAIN) {
fd_set rd_set, wr_set;
int maxfd = ssl_sock;
......
......@@ -32,16 +32,16 @@
#include "openconnect-internal.h"
#ifndef HAVE_GNUTLS_PKCS12_SIMPLE_PARSE
/* If we're using a version of GnuTLS from before this was
/* If we're using a version of GnuTLS from before this was
exported, pull in our local copy. */
int gnutls_pkcs12_simple_parse (gnutls_pkcs12_t p12, const char *password,
gnutls_x509_privkey_t * key,
gnutls_x509_crt_t ** chain,
unsigned int * chain_len,
gnutls_x509_crt_t ** extra_certs,
unsigned int * extra_certs_len,
gnutls_x509_crl_t * crl,
unsigned int flags);
int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12, const char *password,
gnutls_x509_privkey_t *key,
gnutls_x509_crt_t **chain,
unsigned int *chain_len,
gnutls_x509_crt_t **extra_certs,
unsigned int *extra_certs_len,
gnutls_x509_crl_t *crl,
unsigned int flags);
#endif /* !HAVE_GNUTLS_PKCS12_SIMPLE_PARSE */
......
......@@ -296,7 +296,7 @@ int load_tpm_key(struct openconnect_info *vpninfo, gnutls_datum_t *fdata,
goto out_key_policy;
}
}
err = request_passphrase(vpninfo, "openconnect_tpm_key",
err = request_passphrase(vpninfo, "openconnect_tpm_key",
&pass, _("Enter TPM key PIN:"));
if (err)
goto out_key_policy;
......@@ -304,7 +304,7 @@ int load_tpm_key(struct openconnect_info *vpninfo, gnutls_datum_t *fdata,
err = Tspi_Policy_SetSecret(vpninfo->tpm_key_policy,
TSS_SECRET_MODE_PLAIN,
strlen(pass), (void *)pass);
free (pass);
free(pass);
if (err) {
vpn_progress(vpninfo, PRG_ERR,
......@@ -315,7 +315,7 @@ int load_tpm_key(struct openconnect_info *vpninfo, gnutls_datum_t *fdata,
goto retry_sign;
}
free (asn1.data);
free(asn1.data);
return 0;
out_key_policy:
Tspi_Context_CloseObject(vpninfo->tpm_context, vpninfo->tpm_key_policy);
......@@ -333,7 +333,7 @@ int load_tpm_key(struct openconnect_info *vpninfo, gnutls_datum_t *fdata,
Tspi_Context_Close(vpninfo->tpm_context);
vpninfo->tpm_context = 0;
out_blob:
free (asn1.data);
free(asn1.data);
return -EIO;
}
......
......@@ -164,7 +164,7 @@ static int http_add_cookie(struct openconnect_info *vpninfo,
new->next = (*this)->next;
else
new = (*this)->next;
free((*this)->option);
free((*this)->value);
free(*this);
......@@ -202,14 +202,14 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
if (!strncmp(buf, "HTTP/1.0 ", 9))
closeconn = 1;
if ((!closeconn && strncmp(buf, "HTTP/1.1 ", 9)) || !(*result = atoi(buf+9))) {
vpn_progress(vpninfo, PRG_ERR,
_("Failed to parse HTTP response '%s'\n"), buf);
return -EINVAL;
}
vpn_progress(vpninfo, (*result==200)?PRG_TRACE:PRG_INFO,
vpn_progress(vpninfo, (*result == 200) ? PRG_TRACE : PRG_INFO,
_("Got HTTP response: %s\n"), buf);
/* Eat headers... */
......@@ -255,8 +255,8 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
if (!strcmp(colon, "webvpn") && *equals)
print_equals = _("<elided>");
vpn_progress(vpninfo, PRG_TRACE, "%s: %s=%s%s%s\n",
buf, colon, print_equals, semicolon?";":"",
semicolon?(semicolon+1):"");
buf, colon, print_equals, semicolon ? ";" : "",
semicolon ? (semicolon+1) : "");
/* The server tends to ask for the username and password as
usual, even if we've already failed because it didn't like
......@@ -318,9 +318,9 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
goto cont;
/* Now the body, if there is one */
vpn_progress(vpninfo, PRG_TRACE, _("HTTP body %s (%d)\n"),
bodylen==BODY_HTTP10?"http 1.0" :
bodylen==BODY_CHUNKED?"chunked" : "length: ",
vpn_progress(vpninfo, PRG_TRACE, _("HTTP body %s (%d)\n"),
bodylen == BODY_HTTP10 ? "http 1.0" :
bodylen == BODY_CHUNKED ? "chunked" : "length: ",
bodylen);
/* If we were given Content-Length, it's nice and easy... */
......@@ -333,7 +333,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
if (i < 0) {
vpn_progress(vpninfo, PRG_ERR,
_("Error reading HTTP response body\n"));
free(body);
free(body);
return -EINVAL;
}
done += i;
......@@ -361,7 +361,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
if (i < 0) {
vpn_progress(vpninfo, PRG_ERR,
_("Error reading HTTP response body\n"));
free(body);
free(body);
return -EINVAL;
}
chunklen -= i;
......@@ -377,7 +377,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
_("Error in chunked decoding. Expected '', got: '%s'"),
buf);
}
free(body);
free(body);
return -EINVAL;
}
......@@ -411,7 +411,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
if (!body)
return -ENOMEM;
break;
}
}
}
}
......@@ -581,27 +581,27 @@ static int run_csd_script(struct openconnect_info *vpninfo, char *buf, int bufle
if (vpninfo->csd_wrapper)
csd_argv[i++] = vpninfo->csd_wrapper;
csd_argv[i++] = fname;
csd_argv[i++]= (char *)"-ticket";
csd_argv[i++] = (char *)"-ticket";
if (asprintf(&csd_argv[i++], "\"%s\"", vpninfo->csd_ticket) == -1)
goto out;
csd_argv[i++]= (char *)"-stub";
csd_argv[i++]= (char *)"\"0\"";
csd_argv[i++]= (char *)"-group";
csd_argv[i++] = (char *)"-stub";
csd_argv[i++] = (char *)"\"0\"";
csd_argv[i++] = (char *)"-group";
if (asprintf(&csd_argv[i++], "\"%s\"", vpninfo->authgroup?:"") == -1)
goto out;
openconnect_local_cert_md5(vpninfo, ccertbuf);
scertbuf[0] = 0;
get_cert_md5_fingerprint(vpninfo, vpninfo->peer_cert, scertbuf);
csd_argv[i++]= (char *)"-certhash";
csd_argv[i++] = (char *)"-certhash";
if (asprintf(&csd_argv[i++], "\"%s:%s\"", scertbuf, ccertbuf) == -1)
goto out;
csd_argv[i++]= (char *)"-url";
csd_argv[i++] = (char *)"-url";
if (asprintf(&csd_argv[i++], "\"https://%s%s\"", vpninfo->hostname, vpninfo->csd_starturl) == -1)
goto out;
csd_argv[i++]= (char *)"-langselen";
csd_argv[i++] = (char *)"-langselen";
csd_argv[i++] = NULL;
if (setenv("CSD_TOKEN", vpninfo->csd_token, 1))
......@@ -1147,7 +1147,7 @@ static int proxy_gets(struct openconnect_info *vpninfo, int fd,
if (len < 2)
return -EINVAL;
while ( (ret = proxy_read(vpninfo, fd, (void *)(buf + i), 1)) == 0) {
while ((ret = proxy_read(vpninfo, fd, (void *)(buf + i), 1)) == 0) {
if (buf[i] == '\n') {
buf[i] = 0;
if (i && buf[i-1] == '\r') {
......@@ -1267,7 +1267,7 @@ static int process_socks_proxy(struct openconnect_info *vpninfo, int ssl_sock)
strerror(-i));
return i;
}
if ((i = proxy_read(vpninfo, ssl_sock, buf, 2))) {
vpn_progress(vpninfo, PRG_ERR,
_("Error reading auth response from SOCKS proxy: %s\n"),
......@@ -1331,7 +1331,7 @@ static int process_socks_proxy(struct openconnect_info *vpninfo, int ssl_sock)
goto socks_err;
/* Connect responses contain an address */
switch(buf[3]) {
switch (buf[3]) {
case 1: /* Legacy IP */
i = 5;
break;
......@@ -1426,7 +1426,7 @@ int process_proxy(struct openconnect_info *vpninfo, int ssl_sock)
{
if (!vpninfo->proxy_type || !strcmp(vpninfo->proxy_type, "http"))
return process_http_proxy(vpninfo, ssl_sock);
if (!strcmp(vpninfo->proxy_type, "socks") ||
!strcmp(vpninfo->proxy_type, "socks5"))
return process_socks_proxy(vpninfo, ssl_sock);
......
......@@ -34,23 +34,23 @@
#include "openconnect-internal.h"
struct openconnect_info *openconnect_vpninfo_new (char *useragent,
openconnect_validate_peer_cert_vfn validate_peer_cert,
openconnect_write_new_config_vfn write_new_config,
openconnect_process_auth_form_vfn process_auth_form,
openconnect_progress_vfn progress,
void *privdata)
struct openconnect_info *openconnect_vpninfo_new(char *useragent,
openconnect_validate_peer_cert_vfn validate_peer_cert,
openconnect_write_new_config_vfn write_new_config,
openconnect_process_auth_form_vfn process_auth_form,
openconnect_progress_vfn progress,
void *privdata)
{
struct openconnect_info *vpninfo = calloc (sizeof(*vpninfo), 1);
struct openconnect_info *vpninfo = calloc(sizeof(*vpninfo), 1);
vpninfo->ssl_fd = -1;
vpninfo->cert_expire_warning = 60 * 86400;
vpninfo->useragent = openconnect_create_useragent (useragent);
vpninfo->useragent = openconnect_create_useragent(useragent);
vpninfo->validate_peer_cert = validate_peer_cert;
vpninfo->write_new_config = write_new_config;
vpninfo->process_auth_form = process_auth_form;
vpninfo->progress = progress;
vpninfo->cbdata = privdata?:vpninfo;
vpninfo->cbdata = privdata ? : vpninfo;
vpninfo->cancel_fd = -1;
openconnect_set_reported_os(vpninfo, NULL);
......@@ -61,7 +61,7 @@ struct openconnect_info *openconnect_vpninfo_new (char *useragent,
return vpninfo;
}
int openconnect_set_reported_os (struct openconnect_info *vpninfo, const char *os)
int openconnect_set_reported_os(struct openconnect_info *vpninfo, const char *os)
{
if (!os) {
#if defined(__APPLE__)
......@@ -85,7 +85,7 @@ int openconnect_set_reported_os (struct openconnect_info *vpninfo, const char *o
return 0;
}
static void free_optlist (struct vpn_option *opt)
static void free_optlist(struct vpn_option *opt)
{
struct vpn_option *next;
......@@ -97,7 +97,7 @@ static void free_optlist (struct vpn_option *opt)
}
}
void openconnect_vpninfo_free (struct openconnect_info *vpninfo)
void openconnect_vpninfo_free(struct openconnect_info *vpninfo)
{
openconnect_close_https(vpninfo, 1);
free(vpninfo->peer_addr);
......@@ -149,12 +149,12 @@ void openconnect_vpninfo_free (struct openconnect_info *vpninfo)
free(vpninfo);
}
char *openconnect_get_hostname (struct openconnect_info *vpninfo)
char *openconnect_get_hostname(struct openconnect_info *vpninfo)
{
return vpninfo->unique_hostname?:vpninfo->hostname;
}
void openconnect_set_hostname (struct openconnect_info *vpninfo, char *hostname)
void openconnect_set_hostname(struct openconnect_info *vpninfo, char *hostname)
{
free(vpninfo->hostname);
vpninfo->hostname = hostname;
......@@ -162,37 +162,37 @@ void openconnect_set_hostname (struct openconnect_info *vpninfo, char *hostname)
vpninfo->unique_hostname = NULL;
}
char *openconnect_get_urlpath (struct openconnect_info *vpninfo)
char *openconnect_get_urlpath(struct openconnect_info *vpninfo)
{
return vpninfo->urlpath;
}
void openconnect_set_urlpath (struct openconnect_info *vpninfo, char *urlpath)
void openconnect_set_urlpath(struct openconnect_info *vpninfo, char *urlpath)
{
vpninfo->urlpath = urlpath;
}
void openconnect_set_xmlsha1 (struct openconnect_info *vpninfo, const char *xmlsha1, int size)
void openconnect_set_xmlsha1(struct openconnect_info *vpninfo, const char *xmlsha1, int size)
{
if (size != sizeof (vpninfo->xmlsha1))
if (size != sizeof(vpninfo->xmlsha1))
return;
memcpy (&vpninfo->xmlsha1, xmlsha1, size);
memcpy(&vpninfo->xmlsha1, xmlsha1, size);
}
void openconnect_set_cafile (struct openconnect_info *vpninfo, char *cafile)
void openconnect_set_cafile(struct openconnect_info *vpninfo, char *cafile)
{
vpninfo->cafile = cafile;
}
void openconnect_setup_csd (struct openconnect_info *vpninfo, uid_t uid, int silent, char *wrapper)
void openconnect_setup_csd(struct openconnect_info *vpninfo, uid_t uid, int silent, char *wrapper)
{
vpninfo->uid_csd = uid;
vpninfo->uid_csd_given = silent?2:1;
vpninfo->uid_csd_given = silent ? 2 : 1;
vpninfo->csd_wrapper = wrapper;
}
void openconnect_set_client_cert (struct openconnect_info *vpninfo, char *cert, char *sslkey)
void openconnect_set_client_cert(struct openconnect_info *vpninfo, char *cert, char *sslkey)
{
vpninfo->cert = cert;
if (sslkey)
......@@ -201,28 +201,28 @@ void openconnect_set_client_cert (struct openconnect_info *vpninfo, char *cert,
vpninfo->sslkey = cert;
}
OPENCONNECT_X509 *openconnect_get_peer_cert (struct openconnect_info *vpninfo)
OPENCONNECT_X509 *openconnect_get_peer_cert(struct openconnect_info *vpninfo)
{
return vpninfo->peer_cert;
}
int openconnect_get_port (struct openconnect_info *vpninfo)
int openconnect_get_port(struct openconnect_info *vpninfo)
{
return vpninfo->port;
}
char *openconnect_get_cookie (struct openconnect_info *vpninfo)
char *openconnect_get_cookie(struct openconnect_info *vpninfo)
{
return vpninfo->cookie;
}
void openconnect_clear_cookie (struct openconnect_info *vpninfo)
void openconnect_clear_cookie(struct openconnect_info *vpninfo)
{
if (vpninfo->cookie)
memset(vpninfo->cookie, 0, strlen(vpninfo->cookie));
}